TECHBOOK recently reported on a serious security gap in iOS. Apple has now reacted and is providing an update for the iPhone and iPad.
In mid-January, Apple released iOS 15.2.1 to close a security hole in Apple’s HomeKit smart home software. Just under two weeks later, iOS 15.3 follows, which again brings with it a few more changes. Unfortunately, there are no new functions, but there are plenty of bug fixes and security patches.
iOS 15.3 closes security hole in Safari
A flaw in Apple’s WebKit – the browser engine on which Safari is based – allows websites to track users across multiple pages. The problem lies in Safari’s implementation of the IndexD programming interface for JavaScript. The interface regulates memory access for websites, but is not sufficiently secured in iOS 15. Because of this, websites can track users’ internet activity and browsing history, and even find out their identity.
Apple itself describes the vulnerability as follows: “A website can track sensitive user data”. The company fixed the bug in iOS 15.3 with improved input validation. The vulnerability with the identifier CVE-2022-22594 was found by the security company FingerprintJS.
Update fixes numerous other bugs
Another serious vulnerability in iOS 15 is caused by a memory error in the “IOMobileFrameBuffer”. Put simply, the framebuffer is the part of memory that stores images that will then appear on the screen. Because the IOMobileFrameBuffer is an extension of the iOS kernel, hackers can gain access and run malicious code.
Access to the system kernel means virtually unhindered access to all functions of the operating system. Apple is aware of a report that this vulnerability has been actively exploited by hackers. iOS 15.3 fixes the memory bug with improved input validation.
Another eight vulnerabilities in Apple’s WebKit, iCloud and other system components have also received patches. The complete list with all the details can be found on the Apple support page about the content of iOS 15.3.
Also interesting: The most common errors in iOS 15 and how to fix them
It is best to install iOS 15.3 right away
TECHBOOK recommends installing the update, which is about one gigabyte in size, as soon as possible. Not only does it eliminate a serious security hole in Safari. Reports of a vulnerability that may already have been exploited are also worrying.
The update is available for iPhone in the form of iOS 15.3 and iPad in the form of iPadOS 15.3. It is compatible with all devices that support iOS/iPadOS 15: iPhone 6s and newer, all iPad Pro models, iPad Air 2 and newer, iPad 5th generation and newer, iPad mini 4 and newer, and iPod touch 7. Generation.